Chef data bags

• Is to encrypt sensitive information.
• Refer Here
• Creating databag manually refer here
• In the chef-repo folder

mkdir data_bags
cd data_bags
mkdir admins # admins is data bag name
knife data bag create admins # This command creates the data bag on the server

• Create a file called as mysql.json in admins folder with following content

{
  "id": "mysql",
  "username": "root",
  "password": "rootroot"
}

• Data bag is used to encrypt the content and while reading from recipe it will decrypt
• Upload the file with secret text or secret file, so that the data is encrypted on the server

knife data bag from file admins .\mysql.json --secret <yoursecret>

• Now look at data bag item in Chef management Console
• To encrypt the local file in your cook book use the following comamnd

knife data bag from file admins .\mysql.json --secret <yoursecret> --localmode

• When the user wants to access the data from data bag inside recipe or templates use the following syntax

mysqldatabag_item = data_bag_item('admins','mysql', '<secret>')

username = mysqldatabag_item['username']
password = mysqldatabag_item['password']

Chef Unattended bootstrap

• Refer Here
• If you are using Azure VMs Refer Here

Chef Server Installation

• Refer Here

Exercise Spring Boot application (Spring-petclinic) as a Service

• Steps for installing java and downloading spring petclinic

sudo apt-get update
sudo apt-get install openjdk-8-jdk -y
sudo wget  https://learningspcfromqt.s3.us-east-2.amazonaws.com/spring-petclinic.jar

• Write a script to run this application. (This script will run continuously as long as application is running)

sudo vi my-webapp.sh
#!/bin/bash
java -jar spring-petclinic.jar

• To avoid this long running script, make spring-petclinic a linux daemon(service).
• sudo vi /etc/systemd/system/springpetclinic.service

[Unit]
Description=My Webapp 
[Service]
User=ubuntu
#change this to your workspace
WorkingDirectory=/home/ubuntu
#path to executable. 
#executable is a bash script which calls jar file
ExecStart=/bin/bash /home/ubuntu/my-webapp.sh
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target

• To reload the deamon “`sudo systemctl daemon-reload“
• enable the service for every boot “`sudo systemctl enable springpetclinic.service“
• start the service sudo systemctl start springpetclinic
• check the application is running or not sudo systemctl status springpetclinic
• For centos the create a file /etc/systemd/system/springpetclinic.service

[Unit]  
Description=My Webapp  
[Service]  
User=centos  
#The configuration file application.properties should be here:  
#change this to your workspace  
WorkingDirectory=/home/centos  
#path to executable  
#executable is a bash script which calls jar file  
ExecStart=/bin/bash /home/centos/my-webapp.sh  
SuccessExitStatus=143  
TimeoutStopSec=10  
Restart=on-failure  
RestartSec=5  
[Install]  
WantedBy=multi-user.target